[El-errata] ELSA-2019-1169 Important: Oracle Linux 6 kernel security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue May 14 22:43:02 PDT 2019 

Oracle Linux Security Advisory ELSA-2019-1169

http://linux.oracle.com/errata/ELSA-2019-1169.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
kernel-2.6.32-754.14.2.el6.i686.rpm
kernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm
kernel-debug-2.6.32-754.14.2.el6.i686.rpm
kernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm
kernel-devel-2.6.32-754.14.2.el6.i686.rpm
kernel-doc-2.6.32-754.14.2.el6.noarch.rpm
kernel-firmware-2.6.32-754.14.2.el6.noarch.rpm
kernel-headers-2.6.32-754.14.2.el6.i686.rpm
perf-2.6.32-754.14.2.el6.i686.rpm
python-perf-2.6.32-754.14.2.el6.i686.rpm

x86_64:
kernel-2.6.32-754.14.2.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm
kernel-debug-2.6.32-754.14.2.el6.x86_64.rpm
kernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm
kernel-debug-devel-2.6.32-754.14.2.el6.x86_64.rpm
kernel-devel-2.6.32-754.14.2.el6.x86_64.rpm
kernel-doc-2.6.32-754.14.2.el6.noarch.rpm
kernel-firmware-2.6.32-754.14.2.el6.noarch.rpm
kernel-headers-2.6.32-754.14.2.el6.x86_64.rpm
perf-2.6.32-754.14.2.el6.x86_64.rpm
python-perf-2.6.32-754.14.2.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-754.14.2.el6.src.rpm



Description of changes:

[2.6.32-754.14.2.el6.OL6]
- Update genkey [bug 25599697]

[2.6.32-754.14.2.el6]
- [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) 
[1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mds=full, nosmt cmdline option (Waiman 
Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 
CVE-2018-12130}
- [x86] x86/speculation: Remove redundant arch_smt_update() invocation 
(Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 
CVE-2018-12130}
- [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) 
[1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode 
load (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 
CVE-2018-12127 CVE-2018-12130}
- [documentation] Documentation: Add MDS vulnerability documentation 
(Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 
CVE-2018-12130}
- [documentation] Documentation: Move L1TF to separate directory (Waiman 
Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 
CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) 
[1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) 
[1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman 
Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 
CVE-2018-12130}
- [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle 
entry (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 
CVE-2018-12127 CVE-2018-12130}
- [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active 
(Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 
CVE-2018-12130}
- [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman 
Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 
CVE-2018-12130}
- [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) 
[1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) 
[1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692386 
1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add basic bug infrastructure for MDS 
(Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 
CVE-2018-12130}
- [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) 
[1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692386 1692387 
1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability 
(Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 
CVE-2018-12130}
- [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692386 
1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kernel] sched/smt: Provide sched_smt_active() (Waiman Long) [1692386 
1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Provide arch_smt_update() (Waiman Long) 
[1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/mm: Fix compilation warning in pgtable_types.h (Waiman Long) 
[1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}

[2.6.32-754.14.1.el6]
- [s390] kernel: Add crypto card toleration support (Hendrik Brueckner) 
[1695496]

[2.6.32-754.13.1.el6]
- [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas 
Czerner) [1686170]

More information about the El-errata mailing list